Always debatable, IMHO!
I take it no PHPMyAdmin cause it does require updating itself from time to time. I don't install, but do see scans for older versions of PMA ... it seems when ever there is an update to PMA available.
If servers Linux, might consider webmin. With it, one can create webmin users and restrict their access to things like MySQL ... like a user that can read only.
Of course 'the most secure servers' are the ones that have less of an attack surface. So no web based interface to DB .... cli only and only host allowed to talk to it ... localhost/root.
I know of some server admins who have built quickie installer scripts for PMA ... install it ... use it ... then removes it.